7.8
CVE-2025-1277 - PDF File Parsing Memory Corruption Vulnerability
A maliciously crafted PDF file, when parsed through Autodesk applications, can force a Memory Corruption vulnerability. A malicious actor can leverage this vulnerability to execute arbitrary code in the context of the current process.
6.9
CVE-2025-30254 - Growatt Cloud portal Authorization Bypass Through User-Controlled Key
An unauthenticated attacker can obtain a serial number of a smart meter(s) using its owner's username.
7.8
CVE-2025-1656 - PDF File Parsing Heap-based Overflow Vulnerability
A maliciously crafted PDF file, when linked or imported into Autodesk applications, can force a Heap-Based Overflow vulnerability. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process.
7.8
CVE-2025-1273 - PDF File Parsing Heap-Based Overflow Vulnerability
A maliciously crafted PDF file, when linked or imported into Autodesk applications, can force a Heap-Based Overflow vulnerability. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process.
7.8
CVE-2025-2497 - DWG File Parsing Stack-Based Buffer Vulnerability
A maliciously crafted DWG file, when parsed through Autodesk Revit, can cause a Stack-Based Buffer Overflow vulnerability. A malicious actor can leverage this vulnerability to execute arbitrary code in the context of the current process.
7.8
CVE-2025-1276 - DWG File Parsing Out-of-Bounds Write Vulnerability
A maliciously crafted DWG file, when parsed through certain Autodesk applications, can force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process.
7.8
CVE-2025-1275 - JPG File Parsing Heap-Based Overflow Vulnerability
A maliciously crafted JPG file, when linked or imported into certain Autodesk applications, can force a Heap-Based Overflow vulnerability. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process.
6.9
CVE-2025-27568 - Growatt Cloud portal Authorization Bypass Through User-Controlled Key
An unauthenticated attacker can get users' emails by knowing usernames. A password reset email will be sent in response to this unsolicited request.
5.3
CVE-2025-30702 -
Vulnerability in the Fleet Patching and amp; Provisioning component of Oracle Database Server. Supported versions that are affected are 19.3-19.26. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Fleet Patching and amp; Provisioning. Sucβ¦
2.2
CVE-2025-32021 - Weblate VCS credentials included in URL parameters are potentially logged and saved into browser hiβ¦
Weblate is a web based localization tool. Prior to version 5.11, when creating a new component from an existing component that has a source code repository URL specified in settings, this URL is included in the client's URL parameters during the creation process. If, for example, the source code reβ¦